AppAttest API has been released starting from iOS 14. This technology was declared as anti-tampering solution and we found out sometimes its misintepreted as silver bullet against data modification on client-side. in this session we will take a look at this technology from reverse engineering perspective. We will look at examples of weak implementations of this technology, what are multiple bottlenecks that allow us easily bypassing this check. We will also share our vision on proper usage of this technology for software developers.
